The target is running at least one instance of IlohaMail version
0.7.11 or earlier. Such versions contain a flaw in the processing of
the session variable that allows an unauthenticated attacker to
retrieve arbitrary files available to the web user, provided the
filesystem backend is in use.

Solution : Upgrade to IlohaMail version 0.7.12 or later.

Threat Level: Medium

Click HERE for more information and discussions on this network vulnerability scan.